For customers using an Okta custom URL, when accessing the Advanced Server Access (ASA) application URL (Service Provider (SP)- initiated flow), ASA will redirect to subdomain.okta.com instead of the Okta custom URL.

• Advanced Server Access (ASA)
• Service Provider Initiated (SP-Initiated)

This behavior happens because when the ASA app was initially set up, it was using the Okta subdomain URL, which creates metadata that ASA uses to redirect SP-initiated flows. The solution is to update the metadata with the custom domain one.

To update the ASA metadata, please open a case with Okta Support and include the following:

• ASA Team Name
• Okta Default Domain
• Custom Domain URL
• In Okta, under the Sign on tab in the ASA app configuration, copy the metadata URL. 
  • If browsing to the link, an xml file will show.
    • Please provide the metadata URL and the output of the xml.